Case Studies

We have worked on model checking collision avoidance protocols in air traffic management.
These protocols direct aircraft, which are flying close, to flight paths which respect the protected zones of the aircraft.

The visual presentation layer of the AMC model checker can be used to animate traces
like these examples of collision avoidance protocols in air traffic management:

Abstract

In this paper, we analyze limits of approximation techniques for
(non-linear) continuous image computation in model checking hybrid
systems. In particular, we show that even a single step of continuous
image computation is not semidecidable numerically even for a very
restricted class of functions. Moreover, we show that symbolic insight
about derivative bounds provides sufficient additional information for
approximation refinement model checking. Finally, we prove that purely
numerical algorithms can perform continuous image computation with
arbitrarily high probability. Using these results, we analyze the
prerequisites for a safe operation of the roundabout maneuver in air
traffic collision avoidance.

Due to so many requests for my slides, I have decided to put them online under the above link.

We address safety model checking for robust hybrid systems at the decidability borderline of image computation. We present approximation-refinement techniques for uniform piecewise polynomial over-approximations of non-linear dynamics exploiting flow bounds, probabilistic bounds or Lipschitz bounds and robust switching surfaces.
We show decidability in the presense of bounds, probabilistic bounds, or Lipschitz bounds using effective Weierstraß approximations.
We show that image computation for hybrid systems is undecidable in the general case.